Forum Discussion
ASM Performance Optimization (Conditional policy selection based on HTTP method)
There are significantly more opportunities for web application exploitation with the use of HTTP POST requests (search forms, registration forms, "leave comment" fields, and much more). On the other hand, when it comes to HTTP GET requests, there are not as many attack vectors. Perhaps going for a 2-policy setup (GET policy + POST policy) per application would make sense for the performance optimization benefit.
Here goes my question. Assuming that I'm willing to put in the effort to create a second policy (for GET requests only) which excludes all the security-checks and attack detection signatures that are only relevant for POST requests, will there be any considerable performance gains?
Alternatively, is it not worth the effort for whatever reason? I'm not sure if the recent versions of ASM software include built-in self intelligence to take care of this problem automatically.
Hannes,
3 Replies
- Arnaud_Lemaire
Employee
That makes sense: the less you check, the less you consume. Be aware that we introduced methods filtering in 12.1, thus you can differentiate URIs in an ASM policy.
- Arnaud_Lemaire
Employee
That makes sense: the less you check, the less you consume. Be aware that we introduced methods filtering in 12.1, thus you can differentiate URIs in an ASM policy.
- Walter_Kacynski
Cirrostratus
Interesting thought, though one would argue, if this is the case, why has PD not addressed this optimization for customers already? As a customer, we shouldn't have to put in additional logic behind how ASM works or is optimized behind the scenes and just use the product to reduce security exposures.